Lucene search
K

9 matches found

Cvelist
Cvelist
added 2026/06/24 9:21 p.m.18 views

CVE-2026-54759 SiYuan: Lute HTML sanitizer allows `<iframe>` tags in Bazaar package README, leading to arbitrary command execution via SiYuan Electron client

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, Lute's HTML sanitizer does not remove elements. Combined with the SiYuan Electron client's permissive security configuration, an attacker can include a malicious in a Bazaar package README that executes arbitrary...

8.7CVSS0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/16 11:14 p.m.32 views

CVE-2026-40922 SiYuan: Incomplete sanitization of bazaar README allows stored XSS via iframe srcdoc (incomplete fix for CVE-2026-33066)

SiYuan is an open-source personal knowledge management system. In versions 3.6.1 through 3.6.3, a prior fix for XSS in bazaar README rendering incomplete fix for CVE-2026-33066 enabled the Lute HTML sanitizer, but the sanitizer does not block iframe tags, and its URL-prefix blocklist does not...

5.3CVSS0.00261EPSS
Exploits1References4
CVE
CVE
added 2026/04/16 11:14 p.m.16 views

CVE-2026-40922

CVE-2026-40922 (SiYuan) : In SiYuan versions 3.6.1–3.6.3, an incomplete sanitization of bazaar README rendering allowed stored XSS via iframe srcdoc, escaping Lute HTML sanitizer and enabling embedded scripts to run in the Electron context with full app privileges. The issue stems from the saniti...

5.4CVSS6.9AI score0.00261EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/16 11:14 p.m.4 views

CVE-2026-40922

SiYuan is an open-source personal knowledge management system. In versions 3.6.1 through 3.6.3, a prior fix for XSS in bazaar README rendering incomplete fix for CVE-2026-33066 enabled the Lute HTML sanitizer, but the sanitizer does not block iframe tags, and its URL-prefix blocklist does not...

9CVSS6.9AI score0.00584EPSS
Exploits2References5Affected Software1
EUVD
EUVD
added 2026/04/16 11:14 p.m.3 views

EUVD-2026-23331

SiYuan is an open-source personal knowledge management system. In versions 3.6.1 through 3.6.3, a prior fix for XSS in bazaar README rendering incomplete fix for CVE-2026-33066 enabled the Lute HTML sanitizer, but the sanitizer does not block iframe tags, and its URL-prefix blocklist does not...

9CVSS6.9AI score0.00584EPSS
Exploits2References4
OSV
OSV
added 2026/03/23 6:14 p.m.3 views

GO-2026-4743 SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering in github.com/siyuan-note/siyuan/kernel

SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering in github.com/siyuan-note/siyuan/kernel...

9CVSS5.8AI score0.00584EPSS
Exploits1References3
OSV
OSV
added 2026/03/18 4:9 p.m.4 views

GHSA-4663-4MPG-879V SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering

Stored XSS to RCE via Unsanitized Bazaar README Rendering Summary SiYuan's Bazaar community marketplace renders package README content without HTML sanitization. The backend renderREADME function uses lute.New without calling SetSanitizetrue, allowing raw HTML embedded in Markdown to pass through...

5.3CVSS6.2AI score0.00584EPSS
Exploits2References4
Github Security Blog
Github Security Blog
added 2026/03/18 4:9 p.m.9 views

SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering

Stored XSS to RCE via Unsanitized Bazaar README Rendering Summary SiYuan's Bazaar community marketplace renders package README content without HTML sanitization. The backend renderREADME function uses lute.New without calling SetSanitizetrue, allowing raw HTML embedded in Markdown to pass through...

9CVSS6.2AI score0.00584EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.7 views

PT-2026-26188

Name of the Vulnerable Software and Affected Versions SiYuan versions 3.6.0 and earlier SiYuan versions 3.5.9 and earlier Description SiYuan is a personal knowledge management system. The backend 'renderREADME' function uses 'lute.New' without calling 'SetSanitizetrue', allowing raw HTML embedded...

9CVSS6.7AI score0.00584EPSS
Exploits1References156
Rows per page
Query Builder